CISSP Exam Questions for Self-Study (Domain 1)

Note:  Pardon the messiness of the questions.  These questions come from my podcast, and I will be cleaning them up over the coming weeks.

Question:  001

If a security mechanism offers confidentiality, then it offers a high level of assurance that authorized subjects can ________________ the data, objects, and resources.

    • A. Manage
    • B. Mitigate
    • C. Secrecy
    • D. Due Diligence

Answer:  [C]  The secrecy of the data is an important aspect of confidentiality: only “authorized” persons have access to the data.

Source:  ShonGerber Training Courses


Question:  002

When is Confidentiality compromised?

    • A. Data shipped in plain text or stored unprotected
    • B. Data is shipped when the circuit is complete
    • C. Data is transmitted or stored in an unprotected container
    • D. Data is unable to reach its destination due to the circuit being down

Answer:  [A] Data shipped in plain text, or stored in a location without protections (access controls, encryption, etc.), is a compromise of confidentiality.

Source:  ShonGerber Training Courses


Question:  003

When looking to maintain confidentiality of user credentials, the use of a spreadsheet for password storage is the best option.

    • A. True
    • B. False

Answer:  [B] The use of a spreadsheet to store user credentials is a good first step, but it is not the “Best” option.  And realistically, the spreadsheet is only acceptable if it has a password associated with it.

Source:  ShonGerber Training Courses


Question:  004

When considering the data owner for an application or the data itself, who would be the Best owner of the data?

    • A. CIO
    • B. CTO
    • C. Business Owner / IP Owner
    • D. IT Organization

Answer: [C] The Business Owner or IP Owner is the best party to own the data associated with an application.  IT is commonly thought of as the data owner, but this is only because IT typically manages all of the data (access, storage, etc.).

Source:  ShonGerber Training Courses


Question:  005

Passwords are commonly shared with others within many organizations.  As a person studying for your CISSP exam, what part of the CIA triangle is compromised through this action?

    • A. Confidentiality
    • B. Availability
    • C. Integrity
    • D. All of the Above

Answer:  [A] Confidentiality is compromised when passwords are shared amongst personnel.  There may be a legitimate reason for this sharing, but if so, then adequate controls should be implemented to reduce the risk of credential compromise.

Source:  ShonGerber Training Courses


Question:  006

Which answer below best describes ensuring the integrity of the data?

    • A. Data cannot be modified in an unauthorized or undetected manner
    • B. Data cannot be modified in an authorized or detected manner
    • C. Data can be modified in an unauthorized or undetected manner
    • D. None of the above

Answer:  [A] “Data cannot be modified in an unauthorized or undetected manner” is the correct answer.  It is important to ensure that data integrity is maintained, and this can only be done if there is no way to modify the data in an unauthorized manner.

Source:  ShonGerber Training Courses


Question:  007

What is a security mechanism that is typically put in place to ensure that data is not compromised?

    • A. Honeypots
    • B. Intrusion Detection Systems (IDS)
    • C. Encryption
    • D. Host Based Intrusion Detection Systems (HBIDS)

Answer:  [C] Encryption is commonly used to ensure that data is not compromised in both transit and while sitting at rest on databases, servers, workstations, and any other device.

Source:  ShonGerber Training Courses


Question:  008

When a device/capability is considered High Availability, it means that the system must remain available:

    • A. Most of the time
    • B. Large Part of the time
    • C. All of the time
    • D. Only when it is necessary

Answer: [C] If High Availability is required, then the device/capability must be available all of the time.  By setting this requirement you can add additional resources, or terms in contracts, to ensure that this occurs.

Source:  ShonGerber Training Courses


Question:  009

Availability is compromised when a Denial of Service occurs and is:

    • A. Mitigated
    • B. Not Mitigated
    • C. Adequate protections are implemented
    • D. A system has Nonrepudiation enabled

Answer: [B] Availability is compromised when a Denial of Service occurs and is Not Mitigated.

Source:  ShonGerber Training Courses


Question:  010

Layering of security protections and/or various network resources is commonly called:

    • A. 7 Layer OSI Model (aka. Burrito)
    • B. Honeypots
    • C. Defense in Depth
    • D. None of the Above

Answer: [C] By layering security protections or network resources you can create a Defense in Depth strategy for your network.

Source:  ShonGerber Training Courses


Don't you want to pass the CISSP... the FIRST time?

Get my FREE CISSP training videos (Domains 1 - 4) so I can show you how to pass the CISSP Exam... the FIRST time!